Security experts F-Secure Labs has released its Mobile Threat Report for the first quarter of 2012, which shows that the Android platform continues to be the most attacked in terms of malware, spyware and other threats.
The popularity of Android has meant that, historically, we have seen a significant rise in the number of malicious apps developed for the platform. This shows no sign of slowing down as in Q1 of 2011 just 10 new threats were discovered and this number has almost quadrupled for the first quarter of 2012.
37 new families and variants of malware were found in Q1 2012 and even more worryingly, the number of malicious Android application package files has increased from 139 counts this time last year to a staggering 3063 this year.
This is due to the way that malware authors are adapting malicious apps in order to evade detection by anti-virus applications and trojanise popular apps such as Angry Birds. In the UK this week, a company who developed a fake Angry Birds app have been fined £50,000 by UK premium-rate service regulator PhonepayPlus.
A1 Agregator also developed apps to mimic other popular games such as Cut the Rope and posted them on Android marketplaces. These avoided detection from AV software and disguised the fact that it was receiving premium-rate SMS which cost users £5 each time they received one.
The rising incidences in Android malware means that there is an ever-increasing need to be more proactive in the fight against malicious software, F-Secure say. This can be achieved by utilising cloud-based technologies which perform well in detecting unclassified threats based on malicious behaviour.
With this in mind, firms who run BYOD schemes should also consider implementing a sound policy around such schemes to ensure that business data and information is kept protected. One of the most significant finding for the quarter was the discovery of FakeToken A, a trojan which pretends to be a token generator for a mobile banking application – the dangers of this are obviously that it has the potential to steal funds from bank accounts used by the victim phone.
The second most-attacked platform proved to be Symbian OS and threats for both this and Android tend to be mostly gaming apps which have various capabilities, such as information stealing, call recording and premium rate sign up.